SMSF Association Media Release
The SMSF Association is urging all self-managed super fund (SMSF) trustees to remain alert and proactive in safeguarding their funds’ security in the wake of recent cyber-attacks on some large APRA-regulated superannuation funds.
SMSF Association CEO Peter Burgess said that these recent incidents were a “timely reminder” that no part of the superannuation sector is immune from cyber threats – including SMSFs.
“We are not aware of SMSFs being targeted in these most recent attacks, but given the fragmented nature of our sector, it can be difficult to identify isolated incidents.
“What we do know is that the cyber risks faced by SMSFs are different in nature to those which manifested themselves in these recent attacks.
“Unlike a sector-wide attack that targets the balances of many members simultaneously, an attack on SMSFs would require targeting individual bank accounts which typically represents the retirement savings of one or two members.
“Every SMSF is required to have their own bank account which means trustees can benefit from the security protocols of both the banks and their SMSF software providers and administrators.”
“Whilst these layered protections are reassuring, they are not infallible. Cyber criminals continue to evolve their tactics, and no industry is immune from a cyber-attack – and that includes SMSFs.”
“To protect retirement savings, SMSF trustees must also take personal responsibility for cyber hygiene and remain vigilant.”
“This includes changing your password regularly, enabling multi-factor authentication on all accounts and learning how to identify and avoid scams.”
“Cybersecurity is not just a technology issue — it’s a trustee responsibility,” Burgess said. “By staying informed and being proactive, SMSF members can play an important part in reducing their exposure to cyber threats.”